API Keys¶
The integration agents or external scripts that send events from your data estate to Observability are required to provide an API key to authenticate with the Event Ingestion API. API keys are managed at the project level and allow the system to associate events with the correct project.
The API Keys page displays a list of the keys created for a project. Details include the key name, its expiry, and its configuration—all set when creating the key.
Observability does not display the values for your API keys. When you create a key, you must copy, save, and store the value in a password manager or vault for future use.
How to create an API key¶
- Verify you are in the correct project.
- Select API Keys from the menu.
- Click Add API Key.
- Enter a name and expiry.
-
Select the key configuration.
- Send events: Use to send events from your components to the Event Ingestion API. This option is ON by default.
- Manage entities: Use to perform some management tasks.
- Transmit heartbeat: Use to ensure agents deployed in your data estate send a heartbeat signal.
-
Click Add API Key.
- Click Copy to save the key.
- After you save the API key, click anywhere on the page to exit the dialog.
Use API keys¶
Apply API keys in agent deployment scripts as the value for DK_API_KEY or EVENTS_API_KEY. For API calls, enter the key as the value for the ServiceAccountAuthenticationKey header.
Configuration details¶
- Best practice is to create keys with the most limited configuration required for your use case.
- You can create multiple keys for a project and assign each key a different name to define its purpose.
- Best practice is to set an expiry of 365 days.
- There is no limit to the number of keys a project can have.
- Best practice is to set up an API key per Observability agent or integration method.